The official conference app for 2023 IEEE Symposium on Security and Privacy (SP)

<< See 50985 More Jobs Posted in Whova Events

Jobs Posted on the Whova Community Board of 2023 IEEE Symposium on Security and Privacy (SP)

If you know anyone in the job market, feel free to share with them

Researcher, Cryptography & Privacy
Ant Group
Any research topics of data security & privacy, including but not limited to: MPC/FHE/DP/PQC..
Assistant professor, Systems security
Assistant Professor position is currently opened on the topics of vulnerability detection, analysis, exploitation, and/or remediation.
This is a well funded position.
See the link to the full job offer below, feel free to reach out to me directly for any questions about the position online or in presence at S&P or Workshops.
Research Scientist - Privacy
Ph.D. positions: MLSEC, SECML, XAISEC
Karlsruhe Institute of Technology (KIT)
The "Intelligent System Security" research group at the Karlsruhe Institute of Technology (KIT) is seeking to fill multiple fully funded Ph.D. positions (German salary level TV-L 13). Find more details here:

PostDoc position: SEC or SECML
Karlsruhe Institute of Technology (KIT)
The "Intelligent System Security" research group at the Karlsruhe Institute of Technology (KIT) is seeking to fill two fully funded post-doctoral positions (German salary level TV-L 13/14). Find more details here:


Feel free to approach me at S&P or contact me via mail.
Assistant Professor
Chalmers University of Technology
Come and join us as Assistant Professor in the vibrant Chalmers Security & Privacy Lab !
postdoc in web security
Chalmers University of Technology
Join us at Chalmers as a postdoc on web application security!
Research Engineer - Privacy
PhD student and post-doc in Privacy-Enhancing Technologies
CISPA Helmholtz Center for Information Security
I'm looking for PhD students and postdocs that are interested in building privacy-friendly and secure systems. For more information see:

If you are at S&P: happy to talk in person, if not just send me an email for any questions you might have.
PhD students and Postdocs in CISPA Trusted Systems Group
CISPA Helmholtz Center for Information Security
We are searching for motivated and skilled Ph.D. students and post-doctoral researchers. These are currently our areas of interest:

- Developing, extending, and integrating hardware primitives for secure and trusted computing, where we are looking especially into RISC-V, Intel TDX, ARM CCA, and TPM

- The intersection between mobile system security and usable security

- Compartmentalization of software and implementation of secure architecture principles, in particular with object capabilities or new sandboxing solutions

- Intersection between authentication and system security and usability (e.g., FIDO2/WebAuthn or UX of 2FA)

The positions are not project-bound and allow a high degree of freedom in choosing the research projects! Thus, we also welcome new angles and directions and, in fact, expect new researchers to bring in their own ideas.

If you have more questions, just chat with me at S&P or drop me an email. More information is also provided on our website.
Postdocs and PhD students in Software Security
Ludwig-Maximilians-Universität München
The Programming Languages and Artificial Intelligence group at LMU Munich has been founded in April 2023 by Johannes Kinder. Our research lies at the intersection of software security, machine learning and formal methods. We are a young international team and are currently looking for postdocs and PhD students in all of our research areas.

Research in our group aims at solving real-world problems in software security. Current topics of interest include:
- Software supply chain security
- Large language models for code (both source and binary)
- Automated testing of JavaScript/node.JS
- Mobile and IoT security
- Formal modeling of speculative execution

LMU Munich, founded in 1472, is one of the leading universities in Germany. The Institute for Informatics is situated in the city center, next to the English Garden. The institute offers not only an excellent working atmosphere with world-leading groups in computer science, but also many opportunities for interdisciplinary work among the 18 faculties of LMU.

PhD Openings in Hardware Security at University of Toronto
University of Toronto
I am looking for new motivated PhD students interested in hardware and micro-architectural security to join my group at the University of Toronto.

You will get the opportunity to:
- reverse engineer emerging hardware and develop new attacks.
- design low cost micro-architectural defenses that are also effective.
- develop tools & techniques for automated security analysis.

If any of this sounds interesting to you, please reach out to me ( or find me at S&P. I am happy to chat more about pursuing graduate school at UofT.
Assistant Professor
Naval Postgraduate School
The Computer Science Department of the Naval Postgraduate School (NPS) ( invites applications for tenure-track Assistant Professor positions. We are especially interested in candidates with background in networking, cyber security, theory, or emerging areas.
Security Researcher
Red Balloon Security
Are you passionate about building the future of embedded security and advancing the state of security for critical devices by leveraging novel technologies? Talk to Red Balloon Security!

As a security researcher at Red Balloon, you will be at the forefront of embedded security research. You will:

Conduct defensive and offensive research and reverse engineering on embedded hardware and software

Implement and integrate automated host-based defenses in black-box embedded devices

Contribute to in-house reverse engineering framework OFRAK (Open Firmware Reverse Analysis Konsole)

Develop software for automating vulnerability identification in embedded software 

Design and develop automated hardware and software testing infrastructure

What may help you be great at the above? 

Proven experience in software and/or hardware reverse engineering

Proficiency in C/C++, and at least 1 scripting language

Working knowledge of fundamental computer science concepts and modern software design principles

Good understanding of at least 1 assembly language

Knowledge of low-level software design and implementation

Specialization in a relevant research area (reverse engineering, fuzzing, static/dynamic analysis, embedded software emulation, embedded software development)

Proficiency with ARM / MIPS / PPC assembly languages

Strong understanding of software vulnerabilities and practical exploitation techniques
Embedded Security Software Developer
Red Balloon Security
Are you passionate about building the future of embedded security and advancing the state of security for critical devices by leveraging novel technologies? Talk to Red Balloon Security!

As a software developer at Red Balloon, you will be at the forefront of embedded security. You will:

Write awesome, maintainable code

Develop, test, and scale in-house reverse engineering framework OFRAK (Open Firmware Reverse Analysis Konsole) towards a distributed architecture                                                            

Design and develop a large-scale automated test farm

Collaborate with security research staff to design and implement the infrastructure for the deployment of host-based defense software for black-box embedded devices                                              

Optimize performance of core backend applications when dealing with extensive operations over massive sets of binary data

What may help you be great at the above? 

A Computer science or Engineering education

Expertise in at least one OO programming language

Understanding of modern software design and engineering practices

High level of self-initiative and self-motivation

Embedded firmware development experience in C/C++

Experience with ARM / MIPS / PPC assembly languages

Strong understanding of OS design and implementation

Proficiency in hardware and software reverse engineering  
Assistant/Associate/Full Professor
Shandong University
We have several openings in School of Computer Science and Technology. Any topics on security are welcome, e.g., iot security, ML security, software security, etc.
Link: None
PhD positions in systems security at University of British Columbia
University of British Columbia
I am looking to hire motivated PhD students interested in systems security, cloud security, or operating systems to join my group at the University of British Columbia, Vancouver. Potential opportunities:
* mitigating side-channel leaks in cloud and serverless systems
* designing secure and predictable ML systems for the edge
* exploring beautiful Vancouver

I will be happy to chat about grad school experience at UBC. Find me at S&P or reach out to me at
Tenure-Track Asst Professor of Cybersecurity at RIT
We anticipate two openings in Cybersecurity at RIT, with an application closing of Dec. 1. RIT has a dedicated department in Cybersecurity, housed in the ESL Global Cybersecurity Institute, a new state-of-the-art 52,000 sq. ft. facility. The posting will be out in fall.
University of Waterloo
We have an opening for a postdoc in the Cryptography, Security, and Privacy (CrySP) research group at the University of Waterloo. The broad area is security and privacy in data science. This includes topics such as applied cryptography, in particular multi-party computation, differential privacy, and robustness in machine learning. This position will be held in the Cheriton School of Computer Science. Applicants must hold a PhD in a related field, and should have a proven research record, as demonstrated by publications in top security and privacy, database or ML venues (such as Oakland, CCS, SIGMOD, VLDB, ICLR, NeurIPS). The start date of the position is negotiable. The position may be for one or two years.

If you have questions or to apply, please send an email to Florian Kerschbaum . Applications should include a CV and may be considered as they arrive.
PhDs and PostDoc in Trustworthy ML for Systems Security
No day goes by without reading machine learning (ML) success stories across different application domains. Systems security is no exception, where ML's tantalizing results leave one wondering whether any unsolved problems are left. However, machine learning has no clairvoyant abilities, and once the magic wears off, we're left in uncharted territory.

As a community, we need to understand and improve the effectiveness of machine learning methods for systems security in the presence of adversaries. One of the core challenges is related to the representation of problem space objects (e.g., program binaries) in a numerical feature space, as the semantic gap makes between problem space objects and feature space representations make it harder to reason about attacks and defenses and often leaves room for adversarial manipulation. Inevitably, the effectiveness of machine learning methods for systems security is intertwined with the underlying program analysis abstractions used to represent software. How do different program abstractions affect the entire ML pipeline in this context? What are the implications of such representations wrt robustness to various forms of distribution shifts?

If you also find these questions exciting, come and talk to me at SP23 and DLSP23 (and/or drop me a line) about PhD and PostDoc opportunities as I'm hiring ;-)
PostDoc and PhD positions in ML for Security of Cyber-Physical Systems
Brandenburg University of Technology
Brandeburg University of Technology is located just 100km away from Berlin. Affordable comfortable living opportunities are available in close proximity to the campus and the city center. The city of Cottbus has about 100,000 inhabitants. Great public transportation connection to Berlin, Dresden and Leipzig. Just one hour away from the Berlin airport.
At the chair of IT-Security we are looking for motivated PostDocs and/or PhD Students to support our research and project work on
- machine learning for security of cyber-physical systems
- anomaly detection in energy networks / SCADA systems
- 5G/6G security
- privacy in intelligent energy systems
- traffic analysis
We are looking forward to your application.
Talk to me @S&P to get to know more.
PhD positions in AI & Systems Security @ King's College London, UK
King's College London
[I'm at the conference until Thursday--feel free to stop me or contact me to have a chat!]

My main area of expertise is at the intersection of systems security and AI, with emphasis on network security and malware analysis. My research aims to design cybersecurity solutions able to learn behavioral models that can be used to detect novel attacks and threats, and that generate interpretable decisions to assist security analysts in protecting systems and organizations. I am particularly interested in challenging scenarios such as unsupervised learning (e.g., no a-priori attack examples), fast evolving threats (high non-stationarity), and smart adversaries (adversarial ML attacks).

I am looking to solve problems in many domains with incoming students, including (but not limited to):

- Problem-Space Adversarial ML
- Explainable Security
- Systems Security
- Automated security testing
- Malware Analysis

I am looking for candidates with a BSc/MSc in Computer Science (or analogous), and a strong mathematical and systems security background. Passion and commitment may partially compensate for background deficiencies in either of these two (but hardly for both). You need to be comfortable with scripting and coding, preferably in one or more of Python/Java/C/C++. You must hold a genuine interest with my research agenda, and in improving the state-of-the-art through top-quality publications.

PostDoc and PhD in assessing risks with online platforms
CNRS/Inria/Ecole Polytechnique
The work will be related to the MOMENTOUS ERC project; more details here:
PhD positions in SPriTELab@UTSA
University of Texas at San Antonio
Security, Privacy, Trust and Ethics in Computing or SPriTELab at the University of Texas at San Antonio (UTSA) has openings for multiple PhD student researchers in the broad area of systems security and privacy. This fully funded position will provide an exciting opportunity to work on challenging and practical problems in mobile, wearable, IoT and Cyber-Physical systems security and privacy. We are looking for candidates who have a strong systems background and programming skills. Experience in machine learning and statistical analysis is also required. The candidate should possess excellent communication (reading, writing and oratory) skills and proficiency in English. A bachelor’s in computer science, computer engineering, electrical engineering or related areas is required, although a master’s is preferred. Besides everything, the candidate should be passionate about security and privacy research and strongly committed to publishing research results in top-tier security venues such as IEEE S&P, NDSS, ACM CCS and USENIX Security.

SPriTELab provides an excellent collaborative environment for conducting cutting-edge research, significant latitude/independence in choosing research directions/topics and personalized attention from senior researchers/faculty in the lab to grow one’s professional career. SPriTELab has state-of-the-art computing and IoT equipment to conduct systems and security research, and significant budget for investing in new devices/equipment as per researchers’ requirements and research directions. This position provides an annual stipend between $20-24K, full tuition and fee reimbursement and health insurance coverage. 
Multiple PhD positions on cybersecurity (open topic)
Hasso Plattner Institute
The research group on cybersecurity and enterprise security at HPI has several PhD positions available. These positions are open topic, meaning that you freely decide with your advisor on a topic that matches your own interests.

Current topics we are pursuing in the group are:
- IoT and SCADA security
- cybercrime analysis
- cyber threat intelligence and open source intelligence
- malware analysis
- network security

The group has a strong track record in large-scale empirical Internet measurements. The Hasso Plattner Institute is a private funded research institute, located about 30 km outside of Berlin.

Please reach out by e-mail for further details or find me in the coffee breaks at S&P.
Postdoc on Supply Chain Security
Hasso Plattner Institute / MIT
The 2022 Data Breach Incident Report concluded that in more than 60% of compromises, vulnerabilities in the supply chain played a key role in the incident.

In a joint research project with the Sloan School of Management at Massachusetts Institute of Technology, we are investigating the issue of Supply Chain Security. We focus on understanding the level of preparedness in industry with respect to supply chain security, investigate root causes for the many failures we have seen in the past (e.g. Solarwinds), and develop mechanisms to help organizations to better assess and secure the relationship to their supplies.

The project is supported by an industry consortium of well-known international organizations, which allows you to get first hand access and direct insights into the ecosystem. This position is located in Berlin, (a second one in Boston), both postdocs will directly collaborate and regular visit the other location for on-site research.
Technologist Student InternFinal Filing Date: 6/30/2023
California Privacy Protection Agency
The CPPA is hiring a Law/Technologist Student Intern. This graduate student will support the Agency’s key priorities, including by understanding marketplace practices, identifying emerging trends and threats to consumer privacy, developing methods of inquiry, and performing innovative research.

This paid, remote, summer internship will provide you experience in:
- Understanding a broad range of technology policy issues pertaining to privacy and security.
- Supporting the Agency’s investigatory responsibilities by monitoring current and next-generation threats on a range of technology-related issues.
- Developing appropriate tools, research methods, examination techniques, and other inquiry methods.
- Supporting the drafting of complex recommendations and materials on the laws and regulations under the jurisdiction of the Agency.

Final filing date: June 30th
Questions? Please email
Graduate Economic Analysis Intern (Privacy)
California Privacy Protection Agency
The California Privacy Protection Agency (CPPA) is seeking to hire an economic analysis graduate student assistant intern to conduct economic analyses related to privacy regulations under the general direction of CPPA staff.

The economic analysis summer internship provides an excellent opportunity for a graduate student to participate in research and to gain experience in learning about the process for conducting economic analyses of regulations up close. The internship is designed to provide valuable work experience for students pursuing careers in economics, finance, public policy, statistics, or related areas. Interns gain valuable experience related to the impact of consumer privacy rights regulations on the economy, as well as government experience in research project planning, data collection, tools and concepts of economic analysis, and communications and outreach.

This internship will be remote and is expected to continue for approximately 10 to 12 weeks
<< See 50985 More Jobs Posted in Whova Events